INFORMATION SECURITY & COMPLIANCE LEADER
Denver, CO | Full-time | Hybrid
\-------------------------------------------------------------
COMPENSATION
Base: $250,000--$300,000
Equity: Competitive
\-------------------------------------------------------------
WHY THIS ROLE
This is the first dedicated security hire at an 80-person applied AI company that builds mission-specific software for enterprise and defense customers -- a company that has grown revenue nearly 7x and raised a $22M Series A in early 2026, backed by investors who include former leadership from one of the defining enterprise software companies of the last decade. The firm already holds SOC 2 Type II, ISO 27001, and Cyber Essentials Plus certifications, and is now bringing in someone to own and evolve the entire program as the company scales into CMMC and HIPAA territory. This is not a compliance-as-paperwork role: you will be embedded in how the product is built, serving as a security architecture partner to the engineering team, and owning the security story with enterprise and defense buyers as a commercial asset. The H-1B transfer / OPT / green card sponsorship availability is notable given the typical posture of companies this size.
\-------------------------------------------------------------
ABOUT THE ROLE
You'll own and mature the company's compliance portfolio (SOC 2, ISO 27001, Cyber Essentials Plus, HIPAA, CMMC), serve as a security architecture partner to the product and engineering teams, lead all third-party security assessments and customer diligence, define AI and SaaS governance, own access control strategy across internal systems and the multi-tenant platform, and serve as the primary escalation point for security events. You'll also manage vendor risk, device and endpoint security standards, background check compliance across the US and UK, and secure SDLC practices. NYC preferred; London and Denver also possible.
\-------------------------------------------------------------
REQUIREMENTS
Experience: 6--10 years building and maturing information security and compliance programs
- Proven ownership of SOC 2 and ISO 27001 programs; CMMC and/or HIPAA experience strongly preferred
- Ability to serve as a hands-on security architecture partner to engineering teams (threat modeling, secure design patterns, data isolation, multi-tenant architecture)
- Experience leading customer-facing security diligence, questionnaires, and audit engagements
- Strong command of access control strategy (SSO, Okta, least-privilege, provisioning/deprovisioning)
- Experience defining secure SDLC practices (dependency management, secret handling, vulnerability remediation SLAs)
- Ability to own and communicate security posture credibly to enterprise buyers, auditors, and legal teams
- Comfortable defining governance for AI tools and SaaS in both internal operations and customer-facing contexts
- Experience with ISMS management, security awareness training, incident response, and business continuity
Visa Sponsorship: Available -- H-1B transfer, OPT → H-1B, green card
\-------------------------------------------------------------
LOGISTICS
Location: New York, NY (Hudson Yards) -- primary; London, UK and Denver, CO also possible
Work Policy: Hybrid -- 3--4 days per week in office; NYC strongly preferred